Strategy11 Formidable_forms
8 CVEs affecting Strategy11 Formidable_forms. Latest disclosed: 2024-12-13. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-2877 | High | 8.8 | 2023-06-27 | The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality for installing add-on… |
CVE-2023-1405 | High | 7.5 | 2024-01-16 | The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gad… |
CVE-2024-11188 | Medium | 6.1 | 2024-11-23 | The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to POST-Based Refle… |
CVE-2024-0660 | Medium | 6.1 | 2024-02-05 | The Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forg… |
CVE-2024-23522 | Medium | 5.3 | 2024-05-17 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Strategy11 Form Builder Team Formidable Forms allows Code Inject… |
CVE-2024-6725 | Medium | 4.9 | 2024-07-31 | The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Sit… |
CVE-2024-9768 | Medium | 4.8 | 2024-11-21 | The Formidable Forms WordPress plugin before 6.14.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to… |
CVE-2022-45806 | Medium | 4.3 | 2024-12-13 | Missing Authorization vulnerability in Strategy11 Form Builder Team Formidable Forms allows Exploiting Incorrectly Configured Access Control Security Levels.Th… |